JOB TITLE: Red Team Lead
LOCATION(S): London, Bristol, Edinburgh or Manchester
HOURS: Full time
WORKING PATTERN: At least two days per week (or 40% of your time) at our office locations listed above.
About this opportunity
Within the Chief Security Office (CSO) our role is to protect the Group and our customers from security threats, and to enable the Group’s businesses to make change to their services safely and quickly.
The Advanced Intrusion Testing (AIT) team conducts intelligence-led intrusion tests, including Red Teaming and Purple Teaming, designed to simulate the approach a skilled adversary would use in real life cyber-attack scenarios against the Group. Scenarios are crafted to independently evaluate the organisation’s end-to-end cyber resilience by testing people, processes and technology.
We’re currently recruiting for an experienced Red Team Lead to expand our Advanced Intrusion Testing service.
Key responsibilities
Deliver Red Team Adversary Emulation tests, technically leading AIT colleagues through the execution of TTPs, while handling communication with key collaborators. Research and devise testing that will challenge the organisations’ ability to detect and respond to cyber-attacks.
Lead and support the delivery of collaborative testing exercises (Purple Team tests), maximising opportunities for the SOC to improve LBG’s security defence.
Work closely as part of a multi-functional matrix team of technical authorities from across the Chief Security Office and the business, focused on proactively improving the security posture of the Group.
Review testing outputs and support collaborators to identify appropriate remedial plans, while identifying thematic findings and root cause analysis.
Act as a technical authority within Chief Security Office and share knowledge and technical expertise to others through consultation, providing advice and coaching.
Identify and drive continuous improvement within the AIT team and support the direction of overall AIT strategy.
Lead by example, consistently demonstrating the Group Values and the Leadership Behaviours by being approachable and acting with integrity to build trust and credibility within your team.
Lead informal technical coaching and sharing of knowledge, providing an appropriate level of support for team members from a technical level.
About us
If you think all banks are the same, you'd be wrong. We're an innovative, fast-changing business that's shaping finance as a force for good. A bank that's empowering its people to innovate, explore possibilities and grow with purpose.
What you'll need
Solid experience in offensive security operations, such as network penetration testing, application (web / mobile / API) penetration testing, red teaming, or purple teaming.
Ability to conduct targeted, covert tests including identifying vulnerabilities, exploiting them, and performing post-exploitation activities, without needing to rely heavily on tools.
Solid grasp of Red Team, Purple Team, and Penetration testing methodologies and tools.
Good communication skills and experience of communicating technical issues with both technical and non-technical collaborators.
Good understanding of network and operating system fundamentals across Windows and *NIX.
Good overall working knowledge of enterprise architectures, operations, and IT environments and Defensive Security tooling.
Familiarity with the MITRE ATT&CK framework.
Preferred Qualifications
Offensive security / cybersecurity related qualifications (e.g. SANS GIAC, CREST, OSCP/OSCE, CRTO or equivalent cybersecurity programme).
Software development or coding experience in any low level or highlevel language (C#, C++, C, Python, Bash Scripting, Java, Rust, etc.).
Understanding of malware techniques.
Social Engineering and/or physical intrusion techniques.
Experience of CI/CD, Infrastructure as Code.
About working for us
Our focus is to ensure we're inclusive every day, building an organisation that reflects modern society and celebrates diversity in all its forms.
We want our people to feel that they belong and can be their best, regardless of background, identity or culture.
We were one of the first major organisations to set goals on diversity in senior roles, create a menopause health package, and a dedicated Working with Cancer initiative.
And it's why we especially welcome applications from under-represented groups.
We're disability confident. So, if you'd like reasonable adjustments to be made to our recruitment processes, just let us know.
We also offer a wide-ranging benefits package, which includes:
A generous pension contribution of up to 15%
An annual bonus award, subject to Group performance
Share schemes including free shares
Benefits you can adapt to your lifestyle, such as discounted shopping
30 days' holiday, with bank holidays on top
A range of wellbeing initiatives and generous parental leave policies
If you're excited by the thought of becoming part of our team, get in touch. We'd love to hear from you!
